Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
/tmp/sh4.elf
|
/tmp/sh4.elf
|
||
|
/tmp/sh4.elf
|
-
|
||
|
/bin/sh
|
sh -c "rm -rf bin/systemd && mkdir bin; >bin/systemd && mv /tmp/sh4.elf bin/systemd; chmod 777 bin/systemd"
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/rm
|
rm -rf bin/systemd
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/mkdir
|
mkdir bin
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/mv
|
mv /tmp/sh4.elf bin/systemd
|
||
|
/bin/sh
|
-
|
||
|
/usr/bin/chmod
|
chmod 777 bin/systemd
|
||
|
/tmp/sh4.elf
|
-
|
||
|
/tmp/sh4.elf
|
-
|
||
|
/tmp/sh4.elf
|
-
|
There are 4 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://schemas.xmlsoap.org/soap/encoding/
|
unknown
|
||
|
http://schemas.xmlsoap.org/soap/envelope/
|
unknown
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
net.tiktoka.cc
|
81.161.238.2
|
 |
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
112.189.33.129
|
unknown
|
Korea Republic of
|
|
|
|
197.208.84.131
|
unknown
|
Sudan
|
|
|
|
197.99.218.132
|
unknown
|
South Africa
|
|
|
|
94.66.233.229
|
unknown
|
Greece
|
||
|
157.106.17.192
|
unknown
|
Japan
|
||
|
41.126.46.251
|
unknown
|
South Africa
|
||
|
41.25.123.137
|
unknown
|
South Africa
|
||
|
41.233.156.245
|
unknown
|
Egypt
|
||
|
41.21.203.68
|
unknown
|
South Africa
|
||
|
197.136.200.52
|
unknown
|
Kenya
|
||
|
41.84.28.51
|
unknown
|
South Africa
|
||
|
197.178.66.170
|
unknown
|
Kenya
|
||
|
41.125.67.234
|
unknown
|
South Africa
|
||
|
197.95.1.81
|
unknown
|
South Africa
|
||
|
157.175.218.20
|
unknown
|
United States
|
||
|
157.151.183.252
|
unknown
|
United States
|
||
|
197.140.144.195
|
unknown
|
Algeria
|
||
|
157.240.49.27
|
unknown
|
United States
|
||
|
9.211.168.186
|
unknown
|
United States
|
||
|
61.49.134.8
|
unknown
|
China
|
||
|
197.14.84.141
|
unknown
|
Tunisia
|
||
|
157.222.9.16
|
unknown
|
United States
|
||
|
41.82.8.189
|
unknown
|
Senegal
|
||
|
41.87.162.70
|
unknown
|
Botswana
|
||
|
23.82.95.100
|
unknown
|
United States
|
||
|
197.255.209.183
|
unknown
|
Nigeria
|
||
|
41.25.2.94
|
unknown
|
South Africa
|
||
|
197.26.118.193
|
unknown
|
Tunisia
|
||
|
61.187.57.168
|
unknown
|
China
|
||
|
197.117.249.178
|
unknown
|
Algeria
|
||
|
201.27.103.78
|
unknown
|
Brazil
|
||
|
197.86.231.243
|
unknown
|
South Africa
|
||
|
197.167.50.252
|
unknown
|
Egypt
|
||
|
156.5.220.89
|
unknown
|
United States
|
||
|
221.19.84.6
|
unknown
|
Japan
|
||
|
41.152.167.48
|
unknown
|
Egypt
|
||
|
41.40.23.249
|
unknown
|
Egypt
|
||
|
157.140.227.181
|
unknown
|
United Kingdom
|
||
|
157.85.109.79
|
unknown
|
Australia
|
||
|
157.148.128.65
|
unknown
|
China
|
||
|
157.228.187.246
|
unknown
|
United Kingdom
|
||
|
41.116.151.181
|
unknown
|
South Africa
|
||
|
157.183.23.172
|
unknown
|
United States
|
||
|
197.249.194.131
|
unknown
|
Mozambique
|
||
|
197.223.62.122
|
unknown
|
Egypt
|
||
|
157.152.51.167
|
unknown
|
United States
|
||
|
41.215.47.85
|
unknown
|
Kenya
|
||
|
161.242.196.96
|
unknown
|
United States
|
||
|
157.51.208.198
|
unknown
|
India
|
||
|
157.146.250.130
|
unknown
|
United States
|
||
|
197.156.57.115
|
unknown
|
South Africa
|
||
|
157.37.177.66
|
unknown
|
India
|
||
|
132.57.246.20
|
unknown
|
United States
|
||
|
176.84.137.176
|
unknown
|
Spain
|
||
|
197.21.77.41
|
unknown
|
Tunisia
|
||
|
222.52.249.82
|
unknown
|
China
|
||
|
197.193.144.139
|
unknown
|
Egypt
|
||
|
157.170.85.10
|
unknown
|
United States
|
||
|
9.7.223.34
|
unknown
|
United States
|
||
|
41.70.118.3
|
unknown
|
Malawi
|
||
|
41.108.95.34
|
unknown
|
Algeria
|
||
|
41.6.4.181
|
unknown
|
South Africa
|
||
|
49.20.21.27
|
unknown
|
Korea Republic of
|
||
|
157.159.2.182
|
unknown
|
France
|
||
|
41.141.24.241
|
unknown
|
Morocco
|
||
|
81.70.128.137
|
unknown
|
China
|
||
|
148.250.205.76
|
unknown
|
Mexico
|
||
|
25.152.149.203
|
unknown
|
United Kingdom
|
||
|
157.173.33.253
|
unknown
|
United Kingdom
|
||
|
157.33.78.143
|
unknown
|
India
|
||
|
197.238.77.191
|
unknown
|
unknown
|
||
|
197.197.91.136
|
unknown
|
Egypt
|
||
|
173.54.241.145
|
unknown
|
United States
|
||
|
41.120.158.169
|
unknown
|
South Africa
|
||
|
189.194.91.98
|
unknown
|
Mexico
|
||
|
157.64.218.42
|
unknown
|
Japan
|
||
|
41.7.130.4
|
unknown
|
South Africa
|
||
|
157.34.10.154
|
unknown
|
India
|
||
|
197.60.132.15
|
unknown
|
Egypt
|
||
|
185.158.67.27
|
unknown
|
Czech Republic
|
||
|
41.121.43.75
|
unknown
|
South Africa
|
||
|
41.173.158.120
|
unknown
|
South Africa
|
||
|
157.108.225.1
|
unknown
|
Japan
|
||
|
197.23.125.132
|
unknown
|
Tunisia
|
||
|
41.44.132.71
|
unknown
|
Egypt
|
||
|
41.28.30.191
|
unknown
|
South Africa
|
||
|
126.196.67.239
|
unknown
|
Japan
|
||
|
41.64.49.115
|
unknown
|
Egypt
|
||
|
191.170.143.94
|
unknown
|
Brazil
|
||
|
197.51.4.234
|
unknown
|
Egypt
|
||
|
197.161.134.248
|
unknown
|
Egypt
|
||
|
197.29.195.168
|
unknown
|
Tunisia
|
||
|
161.192.53.184
|
unknown
|
United States
|
||
|
157.245.169.57
|
unknown
|
United States
|
||
|
41.42.142.191
|
unknown
|
Egypt
|
||
|
104.49.138.9
|
unknown
|
United States
|
||
|
142.163.237.170
|
unknown
|
Canada
|
||
|
197.88.158.209
|
unknown
|
South Africa
|
||
|
41.44.144.48
|
unknown
|
Egypt
|
||
|
41.108.95.96
|
unknown
|
Algeria
|
There are 90 hidden IPs, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
7ff4f040e000
|
page execute read
|
|
||
|
7ff576d54000
|
page read and write
|
|||
|
7ff576393000
|
page read and write
|
|||
|
555eb58cc000
|
page execute read
|
|||
|
7ff576e7d000
|
page read and write
|
|||
|
7ff576eca000
|
page read and write
|
|||
|
7ff4f0421000
|
page read and write
|
|||
|
7ff576385000
|
page read and write
|
|||
|
7ff576622000
|
page read and write
|
|||
|
7ffec3023000
|
page execute read
|
|||
|
7ff575b82000
|
page read and write
|
|||
|
7ff576e85000
|
page read and write
|
|||
|
7ff576a09000
|
page read and write
|
|||
|
555eb7ae8000
|
page execute and read and write
|
|||
|
7ff570021000
|
page read and write
|
|||
|
555eb892a000
|
page read and write
|
|||
|
7ff5769e4000
|
page read and write
|
|||
|
555eb5ae2000
|
page read and write
|
|||
|
7ff4f041f000
|
page read and write
|
|||
|
7ff570000000
|
page read and write
|
|||
|
555eb5aea000
|
page read and write
|
|||
|
7ffec301a000
|
page read and write
|
|||
|
555eb7aff000
|
page read and write
|
There are 13 hidden memdumps, click here to show them.